We have virtualized a public 3rd party application which is talking SSL-MA with the company's gateway.

Whenever our service receives a request, it also needs to send back a feedback request.

When we try to send the feedback request (from a Staging Test in workstation), we receive the error below:

Our virtual service is running on a dedicated server which has it's own certificate and private key.

I have added this certificate and private key to our java keystore.

I have added the certificates from the gateway (rca and ica) to the DevTest's default truststore cacerts

1. Am i doing something wrong? What does this error mean?

The below result comes from the workstation output during a "staging test".

Where are these results kept on the server? I checked the vse logs on the DevTest server but I cannot retrieve anything.

2. Putting on the SSL debug in the workstation during the staging test, does not show anything.

How can i trace the SSL information when the test is running to see where it goes wrong?

============================================================================| javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate============================================================================| Step: Raw SOAP Request----------------------------------------------------------------------------| Message: Received fatal alert: bad_certificate----------------------------------------------------------------------------| Trapped Exception: Received fatal alert: bad_certificate| Trapped Message: javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate----------------------------------------------------------------------------STACK TRACEjavax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate at sun.security.ssl.Alerts.getSSLException(Unknown Source) at sun.security.ssl.Alerts.getSSLException(Unknown Source) at sun.security.ssl.SSLSocketImpl.recvAlert(Unknown Source) at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source) at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source) at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source) at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source) at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:535) at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:403) at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:177) at org.apache.http.impl.conn.ManagedClientConnectionImpl.open(ManagedClientConnectionImpl.java:304) at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:611) at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:446) at org.apache.http.impl.client.AbstractHttpClient.doExecute(AbstractHttpClient.java:863) at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:72) at com.itko.lisa.test.CommTrans.doSend(CommTrans.java:1015) at com.itko.lisa.test.CommTrans.send(CommTrans.java:811) at com.itko.lisa.test.CommTrans.sendPOST(CommTrans.java:789) at com.itko.lisa.ws.RawSOAPNode.execute(RawSOAPNode.java:231) at com.itko.lisa.test.TestNode.executeNode(TestNode.java:981) at com.itko.lisa.test.TestCase.execute(TestCase.java:1280) at com.itko.lisa.test.TestCase.execute(TestCase.java:1195) at com.itko.lisa.test.TestCase.executeNextNode(TestCase.java:1180) at com.itko.lisa.test.TestCase.executeTest(TestCase.java:1124) at com.itko.lisa.coordinator.Instance.run(Instance.java:204)============================================================================

Hi,Entering the keystore file and password, and then checking with the 'Verify...' button in the step that is being used, should be the first thing you try. For example for a live invocation step from a VSM:

If you want more SSL debug information, then add the following line to the appropriate vmoptions file.For example if you run ITR, then add this to Workstation.vmoptions in the bin folder: -Djavax.net.debug=ssl

After restarting the workstation and reproducing the problem, the workstation.log should have all the SSL debug information.